Lucene search
RedHatRHSA-2024:2410HistoryApr 30, 2024 - 6:15 a.m.
(RHSA-2024:2410) Moderate: harfbuzz security update
2024-04-3006:15:38
access.redhat.com
2
harfbuzz
opentype layout
security update
o(n^2) growth
cve-2023-25193
red hat enterprise linux.
HarfBuzz is an implementation of the OpenType Layout engine.
Security Fix(es):
- harfbuzz: allows attackers to trigger O(n^2) growth via consecutive marks (CVE-2023-25193)
For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.
Additional Changes:
For detailed information on changes in this release, see the Red Hat Enterprise Linux 9.4 Release Notes linked from the References section.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 9 | i686 | harfbuzz-icu-debuginfo | < 2.7.4-10.el9 | harfbuzz-icu-debuginfo-2.7.4-10.el9.i686.rpm |
| RedHat | 9 | i686 | harfbuzz-debugsource | < 2.7.4-10.el9 | harfbuzz-debugsource-2.7.4-10.el9.i686.rpm |
| RedHat | 9 | x86_64 | harfbuzz-icu-debuginfo | < 2.7.4-10.el9 | harfbuzz-icu-debuginfo-2.7.4-10.el9.x86_64.rpm |
| RedHat | 9 | s390x | harfbuzz-debugsource | < 2.7.4-10.el9 | harfbuzz-debugsource-2.7.4-10.el9.s390x.rpm |
| RedHat | 9 | x86_64 | harfbuzz-icu | < 2.7.4-10.el9 | harfbuzz-icu-2.7.4-10.el9.x86_64.rpm |
| RedHat | 9 | s390x | harfbuzz | < 2.7.4-10.el9 | harfbuzz-2.7.4-10.el9.s390x.rpm |
| RedHat | 9 | s390x | harfbuzz-icu-debuginfo | < 2.7.4-10.el9 | harfbuzz-icu-debuginfo-2.7.4-10.el9.s390x.rpm |
| RedHat | 9 | ppc64le | harfbuzz-debugsource | < 2.7.4-10.el9 | harfbuzz-debugsource-2.7.4-10.el9.ppc64le.rpm |
| RedHat | 9 | aarch64 | harfbuzz-devel | < 2.7.4-10.el9 | harfbuzz-devel-2.7.4-10.el9.aarch64.rpm |
| RedHat | 9 | i686 | harfbuzz-devel-debuginfo | < 2.7.4-10.el9 | harfbuzz-devel-debuginfo-2.7.4-10.el9.i686.rpm |
Related
nessus
nessus
EulerOS 2.0 SP5 : harfbuzz (EulerOS-SA-2024-1142)
2024-02-08 00:00:00
Oracle Linux 9 : harfbuzz (ELSA-2024-2410)
2024-05-06 00:00:00
Fedora 38 : cairo / freetype / harfbuzz / qt6-qtwebengine (2023-a48406ecd2)
2023-03-14 00:00:00
redos
redos
ROS-20240329-19
2024-03-29 00:00:00
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2023:1822-1)
2023-05-05 00:00:00
Huawei EulerOS: Security Advisory for harfbuzz (EulerOS-SA-2024-1142)
2024-02-09 00:00:00
Huawei EulerOS: Security Advisory for harfbuzz (EulerOS-SA-2023-2270)
2023-07-04 00:00:00
fedora
fedora
[SECURITY] Fedora 38 Update: cairo-1.17.8-2.fc38
2023-03-14 03:31:48
[SECURITY] Fedora 38 Update: harfbuzz-7.0.1-2.fc38
2023-03-14 03:31:51
[SECURITY] Fedora 38 Update: freetype-2.13.0-2.fc38
2023-03-14 03:31:50
f5
f5
K000135674 : HarfBuzz vulnerability CVE-2023-25193
2023-07-31 00:00:00
cbl_mariner
cbl_mariner
CVE-2023-25193 affecting package mozjs60 60.9.0-13
2024-05-21 03:37:57
CVE-2023-25193 affecting package qt5-qtbase 5.12.11-12
2024-05-21 03:38:01
CVE-2023-25193 affecting package harfbuzz 2.6.4-4
2023-03-16 03:40:02
osv
osv
CVE-2023-25193
2023-02-04 20:15:08
Moderate: harfbuzz security update
2024-04-30 00:00:00
Moderate: java-11-openjdk security and bug fix update
2023-07-20 00:00:00
alpinelinux
alpinelinux
CVE-2023-25193
2023-02-04 20:15:08
ubuntucve
ubuntucve
CVE-2023-25193
2023-02-04 00:00:00
cvelist
cvelist
CVE-2023-25193
2023-02-04 00:00:00
cve
cve
CVE-2023-25193
2023-02-04 20:15:08
debiancve
debiancve
CVE-2023-25193
2023-02-04 20:15:08
almalinux
almalinux
Moderate: harfbuzz security update
2024-04-30 00:00:00
Moderate: java-11-openjdk security and bug fix update
2023-07-20 00:00:00
Moderate: java-11-openjdk security and bug fix update
2023-07-20 00:00:00
prion
prion
Code injection
2023-02-04 20:15:00
veracode
veracode
Denial Of Service (DoS)
2023-02-09 17:06:41
oraclelinux
oraclelinux
harfbuzz security update
2024-05-02 00:00:00
java-11-openjdk security and bug fix update
2023-07-28 00:00:00
java-11-openjdk security and bug fix update
2023-07-21 00:00:00
redhatcve
redhatcve
CVE-2023-25193
2023-02-06 04:26:12
photon
photon
Important Photon OS Security Update - PHSA-2023-4.0-0339
2023-02-23 00:00:00
Important Photon OS Security Update - PHSA-2023-3.0-0538
2023-02-26 00:00:00
ibm
ibm
Security Bulletin: Multiple vulnerabilities in IBM Semeru Runtime affect z/Transaction Processing Facility
2023-06-12 22:12:59
Security Bulletin: Multiple vulnerabilities in IBM Semeru Runtime may affect IBM Decision Optimization for IBM Cloud Pak for Data
2023-09-08 08:48:17
Security Bulletin: Multiple vulnerabilities may affect IBM® Semeru Runtime
2023-06-05 13:46:32
redhat
redhat
(RHSA-2023:4163) Moderate: java-11-openjdk security and bug fix update
2023-07-19 16:37:24
(RHSA-2023:4175) Moderate: java-11-openjdk security and bug fix update
2023-07-20 11:24:08
(RHSA-2023:4233) Moderate: java-11-openjdk security and bug fix update
2023-07-20 12:24:12
ubuntu
ubuntu
OpenJDK 20 vulnerabilities
2023-08-03 00:00:00
OpenJDK regression
2023-08-30 00:00:00
OpenJDK vulnerabilities
2023-08-01 00:00:00
amazon
amazon
Medium: java-11-amazon-corretto
2023-07-17 17:39:00
Medium: java-17-amazon-corretto
2023-07-17 17:39:00
Important: thunderbird
2023-03-02 22:36:00
kaspersky
kaspersky
KLA51006 Multiple vulnerabilities in Oracle Java SE and GraalVM
2023-07-18 00:00:00
mageia
mageia
Updated java packages fix security vulnerabilities
2023-09-30 22:15:40
ics
ics
Siemens SCALANCE XCM-/XRM-300
2024-02-15 12:00:00
oracle
oracle
Oracle Critical Patch Update Advisory - July 2023
2023-07-18 00:00:00